Symantec Endpoint Protection clients download full definitions from Group Update Provider or from Symantec Endpoint Protection Manager
Last Updated March 09, 2011
You notice a large amount of bandwidth is consumed as Symantec Endpoint Protection clients are downloading full definitions from the Group Update Provider (GUP) or from the Symantec Endpoint Protection Manager (SEPM) . This issue was reported against Symantec Endpoint Protection 11.0.5002.333 (MR5).
Symptoms 0 kb dax files on the SEPM
Large number of groups on SEPM Low resources and/or High CPU on SEPM
This is caused 0 byte deltas that are created before the full.zip can be extracted, thus causing the GUP or SEPM to distribute full definitions (full.zip) instead. In some instances, it takes longer then normal to extract the full.zip and when the clients check-in for content updates and before the extraction of the full.zip is completed, this causes the XDelta to generate 0 byte .dax files.
Example from scm-server log: 2010-01-19 04:14:12.562 SEVERE: DeltaContentTask.generateDeltaContent FAILED 4: 2010-01-19 04:14:12.562 SEVERE: CODE -1:
Example of issue:
See how the 0 byte .dax files are generated before the Full directory can be extracted:
This problem is fixed in Symantec Endpoint Protection 11.0.6100.645 (RU6MP1). For information on how to obtain the latest build of Symantec Endpoint Protection, read Obtaining an upgrade or update for Symantec Endpoint Protection http://www.symantec.com/docs/TECH103088
Imported Document ID: TECH122612
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe